With WordPress and other publishing software, you can create “private” and “password-protected” posts, but the URL is still going to be discoverable via search engines and visitors. This technique using .htaccess makes the post and URL accessible only to the specified IP addresses.

So if my IP address is 123.123.123 it would be allowed. Likewise if my associate’s IP address is 222.222.222, it also would be allowed. Everyone else will be denied access to the specified page, located at /my-private-page/.

Both will be accessible only to visitors coming from the allowed IPs. To add more IPs, simply replicate one of the RewriteCond directives. Just make sure to remember that you’ve got the technique in place in case your IP address ever changes.